Good good good gooooood, port 111, servers never gave me any trouble
till after port 99.......
If you recognize the parody above you watched too much tv as a kid like I did.
Ok. down to business:
=====================
sunrpc 111/tcp portmapper # RPC 4.0 portmapper TCP
sunrpc 111/udp portmapper # RPC 4.0 portmapper UDP
To see it in action type:
rpcinfo -p localhost
Many a root exploit has been written about the weknesses
of RPC on port 111 for practically every UNIX including
the one under the Sun[tm].
Take your browser over to:
Exploit World -
http://insecure.org/sploits_all.html
NOTE: The URL for Exploits covers a lot of info so I am
also passing it on to 2 others that may want to review
the URL that are not on this list.
Who maintains the PLUG Security List?
( Please don't say it is me! )
It seems like on Thu, Aug 31, 2000 at 11:56:23PM -0700,
foodog@uswest.net scribbled:
Orig Msg> Over the last 2 weeks or so I've had about 10 script
Orig Msg> kiddies try to connect to my home firewall on TCP port 111.
Orig Msg> I finally visited Packetstorm to see if something was just
Orig Msg> released but nothing was obvious. Anyone know what the kidz
Orig Msg> are up to?
Orig Msg>
Orig Msg> Just curious, and wondering if anyone ever _uses_ the
Orig Msg> security list ;-)
Orig Msg>
Orig Msg> Steve
Orig Msg> --
Orig Msg> Carpe cerevisiae
Orig Msg>
Orig Msg> _______________________________________________
Jean Francois - JLF Sends...
President & CEO - MagusNet, Inc., MagusNet.com, MagusNet.Gilbert.AZ.US
Director Of Managed Services - OpNIX,Inc.,
www.opnix.com
OpNIX - Simply Better Bandwidth
(text/plain)